signing

package
v0.1.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 16, 2022 License: Apache-2.0 Imports: 25 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BaseRootPool 

func BaseRootPool() (*x509.CertPool, error)

func CheckIgnoreResourcesWithAccessType 

func CheckIgnoreResourcesWithAccessType(t string, v interface{}) bool

func CreateAndVerifyX509Certificate 

func CreateAndVerifyX509Certificate(cert, intermediateCAsCerts, rootCACert []byte) (*x509.Certificate, error)

CreateAndVerifyX509Certificate creates and verifies a x509 certificate from in-memory raw certificates. The certificates must be in PEM format.

func CreateAndVerifyX509CertificateFromFiles 

func CreateAndVerifyX509CertificateFromFiles(certPath, intermediateCAsCertsPath, rootCACertPath string) (*x509.Certificate, error)

CreateAndVerifyX509CertificateFromFiles creates and verifies a x509 certificate from certificate files. The certificates must be in PEM format.

func CreateCertificate 

func CreateCertificate(subject pkix.Name, validFrom *time.Time, validity time.Duration,
	pub interface{}, ca *x509.Certificate, priv interface{}, isCA bool, names ...string,
) ([]byte, error)

func GetCertificate 

func GetCertificate(data interface{}) (*x509.Certificate, error)

func Hash 

func Hash(hash hash.Hash, data []byte) (string, error)

func IgnoreLabelsWithoutSignature 

func IgnoreLabelsWithoutSignature(v interface{}) bool

func IgnoreResourcesWithAccessType 

func IgnoreResourcesWithAccessType(t string) func(v interface{}) bool

func IgnoreResourcesWithNoneAccess 

func IgnoreResourcesWithNoneAccess(v interface{}) bool

func IntermediatePool 

func IntermediatePool(pemfile string, fss ...vfs.FileSystem) (*x509.CertPool, error)

func Marshal 

func Marshal(gap string, entries Entries) ([]byte, error)

func Normalize 

func Normalize(v interface{}, ex ExcludeRules) ([]byte, error)

func ParseCertificate 

func ParseCertificate(data []byte) (*x509.Certificate, error)

func ParsePrivateKey 

func ParsePrivateKey(data string) (interface{}, error)

func ParsePublicKey 

func ParsePublicKey(data []byte) (interface{}, error)

func RootPool 

func RootPool(pemfile string, useOS bool, fss ...vfs.FileSystem) (*x509.CertPool, error)

func VerifyCert 

func VerifyCert(intermediate, root *x509.CertPool, cn string, cert *x509.Certificate) error

Types

type ArrayExcludes 

type ArrayExcludes struct {
	Continue ExcludeRules
}

func (ArrayExcludes) Element 

func (r ArrayExcludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (ArrayExcludes) Field 

func (r ArrayExcludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type DynamicArrayExcludes 

type DynamicArrayExcludes struct {
	ValueChecker ValueChecker
	ValueMapper  ValueMapper
	Continue     ExcludeRules
}

func (DynamicArrayExcludes) Check 

func (r DynamicArrayExcludes) Check(value interface{}) bool

func (DynamicArrayExcludes) Element 

func (r DynamicArrayExcludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (DynamicArrayExcludes) Field 

func (r DynamicArrayExcludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type DynamicExclude 

type DynamicExclude struct {
	ValueChecker ValueChecker
	ValueMapper  ValueMapper
	Continue     ExcludeRules
	Name         string
}

func (*DynamicExclude) Check 

func (r *DynamicExclude) Check(value interface{}) bool

type DynamicInclude 

type DynamicInclude struct {
	ValueChecker ValueChecker
	ValueMapper  ValueMapper
	Continue     ExcludeRules
	Name         string
}

func (*DynamicInclude) Check 

func (r *DynamicInclude) Check(value interface{}) bool

type DynamicMapExcludes 

type DynamicMapExcludes map[string]*DynamicExclude

func (DynamicMapExcludes) Element 

func (r DynamicMapExcludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (DynamicMapExcludes) Field 

func (r DynamicMapExcludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type DynamicMapIncludes 

type DynamicMapIncludes map[string]*DynamicInclude

func (DynamicMapIncludes) Element 

func (r DynamicMapIncludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (DynamicMapIncludes) Field 

func (r DynamicMapIncludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type Entries 

type Entries []Entry

func PrepareNormalization 

func PrepareNormalization(v interface{}, excludes ExcludeRules) (Entries, error)

func (*Entries) Add 

func (l *Entries) Add(key string, value interface{})

func (Entries) Formatted 

func (l Entries) Formatted() string

func (Entries) String 

func (l Entries) String() string

func (Entries) ToString 

func (l Entries) ToString(gap string) string

type Entry 

type Entry struct {
	// contains filtered or unexported fields
}

Entry is used to keep exactly one key/value pair.

func NewEntry 

func NewEntry(key string, value interface{}) Entry

func (Entry) Get 

func (e Entry) Get() (string, interface{})

func (Entry) Key 

func (e Entry) Key() string

func (Entry) MarshalJSON 

func (e Entry) MarshalJSON() ([]byte, error)

func (Entry) ToString 

func (e Entry) ToString(gap string) string

func (Entry) Value 

func (e Entry) Value() interface{}

type ExcludeEmpty 

type ExcludeEmpty struct {
	ExcludeRules
}

func (ExcludeEmpty) Element 

func (e ExcludeEmpty) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (ExcludeEmpty) Field 

func (e ExcludeEmpty) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

func (ExcludeEmpty) Filter 

func (ExcludeEmpty) Filter(v Normalized) (Normalized, error)

type ExcludeRules 

type ExcludeRules interface {
	Field(name string, value interface{}) (string, interface{}, ExcludeRules)
	Element(v interface{}) (bool, interface{}, ExcludeRules)
}

ExcludeRules defines the rules for normalization excludes.

type HandlerRegistry 

type HandlerRegistry interface {
	RegisterSignatureHandler(handler SignatureHandler)
	RegisterSigner(algo string, signer Signer)
	RegisterVerifier(algo string, verifier Verifier)
	GetSigner(name string) Signer
	GetVerifier(name string) Verifier
	SignerNames() []string

	RegisterHasher(hasher Hasher)
	GetHasher(name string) Hasher
	HasherNames() []string
}

func DefaultHandlerRegistry 

func DefaultHandlerRegistry() HandlerRegistry

func NewHandlerRegistry 

func NewHandlerRegistry() HandlerRegistry

type Hasher 

type Hasher interface {
	Algorithm() string
	Create() hash.Hash
	Crypto() crypto.Hash
}

Hasher creates a new hash.Hash interface.

type KeyRegistry 

type KeyRegistry interface {
	RegisterPublicKey(name string, key interface{})
	RegisterPrivateKey(name string, key interface{})
	GetPublicKey(name string) interface{}
	GetPrivateKey(name string) interface{}
}

func DefaultKeyRegistry 

func DefaultKeyRegistry() KeyRegistry

func NewKeyRegistry 

func NewKeyRegistry() KeyRegistry

type MapExcludes 

type MapExcludes map[string]ExcludeRules

func (MapExcludes) Element 

func (r MapExcludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (MapExcludes) Field 

func (r MapExcludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type MapIncludes 

type MapIncludes map[string]ExcludeRules

func (MapIncludes) Element 

func (r MapIncludes) Element(v interface{}) (bool, interface{}, ExcludeRules)

func (MapIncludes) Field 

func (r MapIncludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type NoExcludes 

type NoExcludes struct{}

func (NoExcludes) Element 

func (r NoExcludes) Element(value interface{}) (bool, interface{}, ExcludeRules)

func (NoExcludes) Field 

func (r NoExcludes) Field(name string, value interface{}) (string, interface{}, ExcludeRules)

type NormalizationFilter 

type NormalizationFilter interface {
	Filter(Normalized) (Normalized, error)
}

type Normalized 

type Normalized interface{}

func Prepare 

func Prepare(v interface{}, ex ExcludeRules) (r Normalized, err error)

type Registry 

type Registry interface {
	HandlerRegistry
	KeyRegistry
}

func DefaultRegistry 

func DefaultRegistry() Registry

func NewRegistry 

func NewRegistry(h HandlerRegistry, k KeyRegistry) Registry

type Signature 

type Signature struct {
	Value     string
	MediaType string
	Algorithm string
	Issuer    string
}

func (*Signature) String 

func (s *Signature) String() string

type SignatureHandler 

type SignatureHandler interface {
	Algorithm() string
	Signer
	Verifier
}

SignatureHandler can create and verify signature of a dedicated type.

type Signer 

type Signer interface {
	// Sign returns the signature for the given digest
	Sign(digest string, hash crypto.Hash, issuer string, privatekey interface{}) (*Signature, error)
	// Algorithm is the name of the finally used signature algorithm.
	// A signer might be registered using a logical name, so there might
	// be multiple signer registration providing the same signature algorithm
	Algorithm() string
}

Signer interface is used to implement different signing algorithms. Each Signer should have a matching Verifier.

type ValueChecker 

type ValueChecker func(value interface{}) bool

type ValueMapper 

type ValueMapper func(v interface{}) interface{}

type Verifier 

type Verifier interface {
	// Verify checks the signature, returns an error on verification failure
	Verify(digest string, hash crypto.Hash, sig *Signature, publickey interface{}) error
	Algorithm() string
}

Verifier interface is used to implement different verification algorithms. Each Verifier should have a matching Signer.

Source Files

View all Source files

Directories

Path Synopsis
rsa
rsa-signingservice
nodigest
sha256
sha512

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.